How to check whether data already exists or has remained blank?

Asked

Viewed 114 times

1

I was testing the registrations of the site I did, and I noticed that I managed to register the same username 2 times, even having declared "UNIQUE" in the table.

And another thing, I also noticed that although I have left the required fields, if someone enters space, the record is successfully done. How to stop something like this from happening?

Below is the entry code in the database:

<?php

// captura dos dados digitados no formulário //
$nome=$_POST ['nome'];
$sobrenome=$_POST ['sobrenome'];
$username=$_POST ['username'];
$email=$_POST ['email'];
$senha=$_POST ['senha'];
$telefone=$_POST ['telefone'];

$sql = mysql_query("INSERT INTO cadastro (nome,sobrenome,username,email,senha,telefone)  VALUES ('$nome', '$sobrenome','$username','$email','$senha','$telefone')") or die(mysql_error());

$resultado = mysql_query ($sql);
header ("Location:../usuario/index.php");
?>

2 answers

1

this same insert with Pdo would look like this with the removal of spaces

$host = "localhost";
$user = "seu usuario";
$pass = "sua senha";
$banco = "seu banco de dados";

$conn = new PDO('mysql:host='.$host.';dbname='.$banco.'',$user,$pass);

if(empty($_POST['username'])){
    echo "Username vazio!";
}else{
   $nome = $_POST['nome'];
   $sobrenome = $_POST['sobrenome'];
   $username = trim($_POST['username']);
   $email = $_POST['email'];
   $senha = $_POST['senha'];
   $telefone = $_POST['telefone'];

   $insere = $conn->prepare("INSERT INTO cadastro (nome,sobrenome,username,email,senha,telefone)  VALUES ('$nome', '$sobrenome','$username','$email','$senha','$telefone')");
   $insere->execute();


   if($insere){
      echo "Inserido com sucesso!";
   }else{
      echo "Erro ao inserir!";
   }
}

0

Removal of spaces

If you are validating in Javascript with Jquery, you can do the following:

var nome = $('#nome').val().trim(); // O método trim remove os espaços

if(nome === ''){
    alert('Preencha o nome!');
}

To remove the spaces in PHP, there is the function trim:

// Com trim os espaços são removidos das strings
$nome      = trim($_POST['nome']);
$sobrenome = trim($_POST['sobrenome']);
$username  = trim($_POST['username']);
$email     = trim($_POST['email']);
// Aqui seriam colocados o restante dos campos...

Preventing duplicate bank inserts

To avoid duplication, you need to check if the record exists before entering it. That is, You need to do a query to check if the username has been entered before. The username field is what I am using as an example, if it is another field that will define if the user is unique, just use it instead of username.

The query would look like this:

SELECT id FROM tabela WHERE username = '$username' LIMIT 1

If the query returns results, it means that the user already exists, knowing this just check the result before doing the Insert. Remembering that tabela should be replaced by the table name you are using in your database.

PS: I recommend you use the PDO, because the functions mysql_* are in disuse. I also recommend filtering the data sent by POST, for this is exists the function filter_inputof PHP.

  • 1

    Poxa Raphael, thank you so much for your help, I will test still on the check. On the removal of spaces, I am validating all the data directly by php, and there I tried some codes and it didn’t work as I wanted.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.